+

WO2007011991A2 - Cryptographie symetrique/asymetrique hybride a authentification d'utilisateur - Google Patents

Cryptographie symetrique/asymetrique hybride a authentification d'utilisateur Download PDF

Info

Publication number
WO2007011991A2
WO2007011991A2 PCT/US2006/027979 US2006027979W WO2007011991A2 WO 2007011991 A2 WO2007011991 A2 WO 2007011991A2 US 2006027979 W US2006027979 W US 2006027979W WO 2007011991 A2 WO2007011991 A2 WO 2007011991A2
Authority
WO
WIPO (PCT)
Prior art keywords
user authentication
authentication factor
asymmetric
hardware device
key
Prior art date
Application number
PCT/US2006/027979
Other languages
English (en)
Other versions
WO2007011991A3 (fr
Inventor
Siva G. Narendra
Prabhakar Tadepalli
Thomas N. Spitzer
Original Assignee
Tyfone, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tyfone, Inc. filed Critical Tyfone, Inc.
Publication of WO2007011991A2 publication Critical patent/WO2007011991A2/fr
Publication of WO2007011991A3 publication Critical patent/WO2007011991A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates generally to secure data storage, and more specifically to the use of hybrid symmetric/asymmetric cryptography for secure data storage.
  • Cryptography may be used to limit access to data. For example, sensitive data in computers or networks may be encrypted to block access by unauthorized users. Cryptography may be utilized to securely store information or to securely share information. Different types of cryptography are in use today. Examples include symmetric cryptography and asymmetric cryptography. In symmetric cryptography, encryption and decryption are performed with the same "key.” Symmetric cryptography is sometimes also referred to as secret key cryptography, because the key cannot be disclosed for the data to remain secure. Triple-DES cryptography is an example of symmetric cryptography.
  • Asymmetric cryptography uses two keys: an encryption key, and a decryption key, where the encryption key is derived from the decryption key using a one-way function.
  • the encryption key also referred to as the public key
  • the decryption key also referred to as the private key
  • Examples of asymmetric cryptography include Rivest- Shamir-Adleman (RSA) and elliptic curve cryptography.
  • Figure 1 shows a mobile electronic device in accordance with various embodiments of the present invention
  • Figures 2 and 3 show flow diagrams in accordance with various embodiments of the present invention.
  • FIG. 4 shows a computer system in accordance with various embodiments of the present invention.
  • FIG. 1 shows a mobile electronic device.
  • Mobile electronic device 100 may be any type of electronic device considered to be mobile.
  • mobile electronic device 100 may be a personal digital assistant (PDA), a smartphone, a mobile phone, a handheld computer, or any other device capable of operating as described herein.
  • Figure 1 also shows secondary electronic device 120.
  • Secondary electronic device 120 is shown as a key fob separate from mobile electronic device 100 in Figure 1, but this is not a limitation of the present invention.
  • secondary electronic device 120 may be a card that attaches to, and detaches from, mobile electronic device 100. Accordingly, secondary electronic device 120 may be separate from, or separable from, mobile electronic device 100.
  • Mobile electronic device 100 is shown including controls 106, fingerprint scanner 108, voice input 104, and retinal scanner 102.
  • Fingerprint scanner 108, voice input 104, and retinal scanner 102 are examples of biometric information collection devices capable of collecting biometric information to authenticate a user of mobile device 100.
  • Controls 106 represent an input device capable of accepting other types of user authentication information, such as a password or personal identification number (PIN).
  • Biometric information, passwords, and PINs are examples of user authentication factors (UAF) useful to authenticate a user to mobile electronic device 100.
  • UAF user authentication factors
  • access to mobile electronic device 100 or features of mobile electronic device 100 may be limited to users that satisfy certain requirements with respect to matching UAFs. Other types of information may also be used as user authentication factors.
  • UAFs may include unique identifiers (IDs) related to hardware devices such as mobile electronic device 100 or secondary electronic device 120.
  • IDs unique identifiers
  • user authentication is performed using a combination of UAFs.
  • a unique ID may be combined with biometric information to authenticate a user to mobile electronic device 100.
  • Unique IDs may be received by mobile electronic device 100 in many ways.
  • a unique ID may be provided by secondary electronic device 120 using a wireless interface, or by physical contact between mobile electronic device 100 and secondary electronic device 120.
  • a unique ID may be provided by an internal subsystem within mobile electronic device 100, such as a hard disk drive, a memory subsystem, or a processor.
  • Mobile electronic device 100 may provide secure data storage or secure data transfer using hybrid symmetric/asymmetric cryptography that utilizes UAFs. For example, an asymmetric decryption key may be generated from a mathematical representation of one or more UAFs, and an asymmetric encryption key may then be derived from the asymmetric decryption key using a one-way function. The asymmetric encryption key may then be used to encrypt a symmetric key used for encryption and decryption of data.
  • Hybrid symmetric/asymmetric cryptography embodiments are described in further detail below with reference to later figures.
  • Mobile electronic device 100 may include a mechanism to allow mobile electronic device 100 to communicate with a wired or wireless network.
  • mobile electronic device 100 may include circuitry to communicate with a cellular phone network.
  • mobile electronic device 100 may or may not be a phone.
  • mobile electronic device 100 may be a cellular telephone having cryptography capabilities.
  • mobile electronic device 100 may be a non-telephonic device that has cellular network connectivity. Examples include personal digital assistants, and handheld devices dedicated to secure data storage or secure data exchange.
  • mobile electronic device 100 may be a non-telephonic device having wired or wireless connectivity to a network other than a cellular network, and in some embodiments, mobile electronic device 100 may be a device without network connectivity. Examples include, but are not limited to: Blackberry devices available from Research in Motion (RIM), music players such, as MP3 players, cameras, and the like.
  • RIM Research in Motion
  • mobile electronic device 100 is an example of a "wearable" device that is capable of securely storing or exchanging data.
  • mobile electronic device 100 may have the form factor of a wristwatch.
  • Some embodiments of the present invention may have other wearable form factors.
  • a wearable mobile electronic device may be worn in such a manner that it contacts human skin, or it may be worn on clothing. Any wearable intelligent electronic device may be employed without departing from the scope of the present invention.
  • FIG. 2 shows a flow diagram in accordance with various embodiments of the present invention.
  • Diagram 200 represents data flow and actions that may be performed when encrypting data in accordance with various embodiments of the present invention.
  • the various actions represented in Figure 2 may be performed by a mobile electronic device such as mobile electronic device 100 ( Figure 1), although this is not a limitation of the present invention.
  • the various actions in Figure 2 may be performed by a non-mobile computing device such as a desktop computer, workstation, or mainframe computer.
  • Block 210 represents the collection of one or more user authentication factors (UAFs).
  • UAFs user authentication factors
  • a UAF may be biometric information, a password or PIN, a hardware ID, or any combination.
  • a user may provide a fingerprint and also present a secondary electronic device that transmits a unique hardware ID.
  • the fingerprint and the hardware ID may together be considered a UAF.
  • the collection of UAF may be performed with biometric sensors such as those shown on mobile electronic device 100 ( Figure 1). Further, the collection of UAF may be performed over a wired or wireless interface.
  • an asymmetric decryption key D is generated from the UAF. Any functional relationship may be used to relate D to the UAF. For example, if the generation of D uses one or more prime numbers, prime number generation or selection may be a function of the UAF. Further, in some embodiments, D may be set equal to a numerical representation of the UAF. Without the UAF, the asymmetric decryption key D cannot be generated.
  • an asymmetric encryption key E is generated from the asymmetric decryption key D using a one-way function. Without components o ⁇ D,E cannot be generated. Any type of one-way function may be utilized without departing from the scope of the present invention. For example, a one-way function built on the Rivest- Shamir- Adleman (RSA) public key encryption algorithm may be utilized.
  • RSA Rivest- Shamir- Adleman
  • a symmetric key SK is generated. The manner in which SK is generated is not a limitation of the present invention. For example, SK may be generated randomly, or may be received from an external source.
  • the symmetric encryption process at 250 uses SK to encrypt data 240, and encrypted data is stored at 290.
  • the asymmetric encryption process 250 encrypts the symmetric key SK and the UAF using the asymmetric encryption key E.
  • the encrypted UAF, the encrypted symmetric key SK, and the asymmetric encryption key E are stored 260. Neither the asymmetric decryption key D nor the symmetric key SK are stored.
  • Figure 3 shows a flow diagram in accordance with various embodiments of the present invention.
  • Diagram 300 represents data flow and actions that may be performed when decrypting data in accordance with various embodiments of the present invention.
  • the various actions represented in Figure 3 may be performed by a mobile electronic device such as mobile electronic device 100 ( Figure 1), although this is not a limitation of the present invention.
  • the various actions in Figure 3 may be performed by a non-mobile computing device such as a desktop computer, workstation, or mainframe computer.
  • Block 310 represents the collection of one or more user authentication factors (UAFs).
  • the UAF in block 310 is collected for the decryption of data and is referred to as UAF' to distinguish it from the UAF collected when the data is encrypted ( Figure 2).
  • a UAF' may be biometric information, a password or PIN, a hardware ID, or any combination.
  • a user may provide a fingerprint and also present a secondary electronic device that transmits a unique hardware ID.
  • the fingerprint and the hardware ID may together be considered a UAF'.
  • the collection of UAF' may be performed with biometric sensors such as those shown on mobile electronic device 100 ( Figure 1). Further, the collection of UAF' may be performed over a wired or wireless interface.
  • the asymmetric encryption key E, encrypted UAF, and encrypted symmetric key SK are shown stored at 260 as a product of the various actions shown in Figure 2.
  • the collected UAF' is encrypted using E, and the result is compared with the encrypted UAF stored at 260. If there is no match, then data access is denied at 340. If there is a match (signifying that UAF and UAF' are equal), then the asymmetric decryption key D is generated from UAF' at 360. The asymmetric decryption key D is used to decrypt the symmetric key SK at 350.
  • the symmetric key SK is used to decrypt the data stored at 290, and the result is the non-encrypted data 240.
  • the user authentication factor can include one or more of biometric factors identifying an individual, passwords or PINs identifying a privileged person or class of persons, or hardware device specific IDs that identify the presence or proximity of a particular piece of equipment.
  • the UAF used to generate the asymmetric decryption key D is formed by combining biometric information with one or more hardware IDs.
  • a valid user may only access encrypted data when a particular piece of hardware is present.
  • a hardware ID from secondary electronic device 120 ( Figure 1) may be combined with a user's fingerprint to form a UAF used to generate D.
  • a hardware ID from within mobile electronic device 100 may be combined with a biometric factor collected by one or more of the various biometric collection components shown in Figure 1.
  • FIG. 4 shows a computer system. in accordance with various embodiments of the present invention.
  • Computer system 400 may be a mobile electronic device such as mobile electronic device 100 ( Figure 1), or may be a non-mobile device such as a desktop computer, workstation, server, or mainframe.
  • Computer system 400 includes processor 460, user authentication factor (UAF) collection component 410, hybrid symmetric/asymmetric cryptography engine 430, and storage component 450.
  • UAF user authentication factor
  • UAF collection component 410 includes one or more components capable of collecting user authentication factors.
  • UAF collection component 410 may include wireless interface 412 to communicate with other electronic devices to receive user authentication factors. Any type of UAF information may be received over wireless interface 412.
  • wireless interface 412 may communicate with a secondary wireless device such as a mobile phone or key fob having a unique ID that is used as a UAF.
  • wireless interface 412 may communicate with other computer systems that provide one or more UAFs.
  • Biometric collection component 414 may include one or more interfaces to collect biometric information of a user.
  • biometric collection component 414 may include a fingerprint scanner, a retinal scanner, a voice recorder, or the like.
  • Unique ID 416 may be collected by UAF collection component 410 in many different ways.
  • one or more subsystems within computer system 400 may provide a unique hardware ID for use as a UAF.
  • unique ID 416 may be provided by a hardware device that is separate from, or separable from, computer system 400.
  • UAF collection component 410 may be implemented in hardware, software, or any combination.
  • wireless interface 412 may include a network interface card (NIC) that includes a processing device and firmware.
  • biometric collection component 414 may include hardware to provide a physical interface to a person, and may also include a device driver to be executed by processor 460.
  • User authentication factors collected by UAF collection component 410 may be utilized to generate asymmetric decryption keys in a hybrid symmetric/asymmetric cryptography engine.
  • UAF collection component may provide the UAF referenced in Figure 2 and the UAF' referenced in Figure 3.
  • Hybrid symmetric/asymmetric cryptography engine 430 includes asymmetric decryption key generation component 432, asymmetric encryption key generation component 434, asymmetric encryption/decryption process component 436, and symmetric encryption/decryption process component 438.
  • the various components of hybrid symmetric/asymmetric cryptography engine 430 may be implemented in hardware, software, or any combination.
  • the various components may be implemented in sqftware that is executed by processor 460.
  • the various components of hybrid symmetric/asymmetric cryptography engine 430 may be embodied as instructions on a machine readable medium such as a memory device, hard disk drive, or other storage medium.
  • asymmetric decryption key generation component 432 generates an asymmetric decryption key D from a user authentication factor. For example, asymmetric decryption key generation component 432 may perform actions shown at 220 in Figure 2 or at 360 in Figure 3.
  • asymmetric encryption key generation component 434 generates an asymmetric encryption key E from an asymmetric decryption key D using a one-way function. For example, asymmetric encryption key generation component 434 may perform actions shown at 230 in Figure 2.
  • asymmetric encryption/decryption process component 436 utilizes an asymmetric encryption key E to encrypt data.
  • asymmetric encryption/decryption process component 436 may perform actions shown at 250 in Figure 2 or 320 in Figure 3.
  • asymmetric encryption/decryption process component 436 utilizes an asymmetric decryption key D to decrypt encrypted data.
  • asymmetric encryption/decryption process component 436 may perform actions shown at 350 in Figure 3.
  • symmetric encryption/decryption process component 438 utilizes a symmetric key SK to encrypt data.
  • symmetric encryption/decryption process component 438 may perform actions shown at 280 in Figure 2.
  • symmetric encryption/decryption process component 438 utilizes a symmetric key SK to decrypt encrypted data.
  • symmetric encryption/decryption process component 438 may perform actions shown at 370 in Figure 3.
  • Storage component 450 may be any type of storage component capable of storing encrypted data, encrypted UAFs, encrypted keys, and encryption keys.
  • storage component 450 may be a memory such as a static random access memory (SRAM), dynamic random access memory (DRAM), or FLASH memory.
  • SRAM static random access memory
  • DRAM dynamic random access memory
  • storage component 450 may be a hard disk, floppy disk, CDROM storage, or any other type of storage.
  • Storage component 450 may also include a machine readable medium that includes instructions that when accessed result in processor 460 performing actions.
  • storage component 450 may have instructions to implement the various components of hybrid symmetric/asymmetric cryptography engine 430.
  • Processor 460 represents a processor capable of communicating with the other blocks shown in computer system 400.
  • processor 460 may be a microprocessor, a digital signal processor (DSP), a microcontroller, or the like. Further, processor 460 may be formed from state machines or other sequential logic. In operation, processor 460 may read instructions and/or data from storage component 450, hybrid symmetric/asymmetric cryptography engine 430, or UAF collection component 410. For example, processor 460 may execute program instructions that implement hybrid symmetric/asymmetric cryptography engine 430.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

Ce dispositif utilise un facteur d'authentification utilisateur pour générer une clé de décryptage asymétrique à utiliser en cryptographie. Une clé de cryptage asymétrique est générée à partir de la clé de décryptage asymétrique au moyen d'une fonction unidirectionnelle, la clé d'encryptage asymétrique étant utilisée pour crypter une clé symétrique.
PCT/US2006/027979 2005-07-15 2006-07-17 Cryptographie symetrique/asymetrique hybride a authentification d'utilisateur WO2007011991A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/182,920 US8189788B2 (en) 2005-07-15 2005-07-15 Hybrid symmetric/asymmetric cryptography with user authentication
US11/182,920 2005-07-15

Publications (2)

Publication Number Publication Date
WO2007011991A2 true WO2007011991A2 (fr) 2007-01-25
WO2007011991A3 WO2007011991A3 (fr) 2007-11-01

Family

ID=37661663

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/027979 WO2007011991A2 (fr) 2005-07-15 2006-07-17 Cryptographie symetrique/asymetrique hybride a authentification d'utilisateur

Country Status (2)

Country Link
US (1) US8189788B2 (fr)
WO (1) WO2007011991A2 (fr)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7941197B2 (en) 2007-09-12 2011-05-10 Devicefidelity, Inc. Updating mobile devices with additional elements
US8070057B2 (en) 2007-09-12 2011-12-06 Devicefidelity, Inc. Switching between internal and external antennas
US8189788B2 (en) 2005-07-15 2012-05-29 Tyfone, Inc. Hybrid symmetric/asymmetric cryptography with user authentication
US8477940B2 (en) 2005-07-15 2013-07-02 Tyfone, Inc. Symmetric cryptography with user authentication
US8915447B2 (en) 2007-09-12 2014-12-23 Devicefidelity, Inc. Amplifying radio frequency signals
GB2522445A (en) * 2014-01-24 2015-07-29 Raymond Breen Secure mobile wireless communications platform
US9311766B2 (en) 2007-09-12 2016-04-12 Devicefidelity, Inc. Wireless communicating radio frequency signals
US9603015B2 (en) 2014-02-03 2017-03-21 Empire Technology Development Llc Encrypted communication between paired devices

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070220257A1 (en) * 2006-03-06 2007-09-20 Sandisk Il Ltd. Controlled-Access Recording Generator
US9304555B2 (en) * 2007-09-12 2016-04-05 Devicefidelity, Inc. Magnetically coupling radio frequency antennas
US20090164804A1 (en) * 2007-12-25 2009-06-25 Sandisk Il Ltd. Secured storage device
SK50042008A3 (sk) * 2008-01-04 2009-09-07 Logomotion, S. R. O. Spôsob a systém autentifikácie najmä pri platbách, identifikátor totožnosti a/alebo súhlasu
SK288721B6 (sk) * 2008-03-25 2020-01-07 Smk Kk Spôsob, zapojenie a nosič na vykonávanie opakovaných operácií na klávesnici mobilného komunikačného zariadenia
JP5582654B2 (ja) * 2008-08-29 2014-09-03 ロゴモーション エス.アール.オー. 非接触通信用の脱着可能なカード、その使用および作製方法
US9098845B2 (en) * 2008-09-19 2015-08-04 Logomotion, S.R.O. Process of selling in electronic shop accessible from the mobile communication device
SK288757B6 (sk) * 2008-09-19 2020-05-04 Smk Kk Systém a spôsob bezkontaktnej autorizácie pri platbe
SK288747B6 (sk) 2009-04-24 2020-04-02 Smk Kk Spôsob a systém bezhotovostnej platobnej transakcie, najmä s použitím bezkontaktného platobného prostriedku
SK50862008A3 (sk) * 2008-09-19 2010-06-07 Logomotion, S. R. O. Systém na elektronické platobné aplikácie a spôsob autorizácie platby
SK288641B6 (sk) * 2008-10-15 2019-02-04 Smk Corporation Spôsob komunikácie s POS terminálom, frekvenčný konventor k POS terminálu
SK500092009A3 (sk) * 2009-02-27 2010-09-07 Logomotion, S. R. O. Počítačová myš na zapojenie na prenos údajov, najmä pri elektronických platbách, spôsob prenosu údajov
EP2462567A2 (fr) * 2009-05-03 2012-06-13 Logomotion, s.r.o. Terminal de paiement utilisant un dispositif de communication mobile, tel qu'un téléphone mobile, procédé de transaction de paiement par débit direct
US9544759B2 (en) 2011-11-01 2017-01-10 Google Inc. Systems, methods, and computer program products for managing states
US9104887B2 (en) 2011-11-01 2015-08-11 Google Inc. Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
CN104335237B (zh) 2012-05-24 2019-01-18 谷歌有限责任公司 用于提供非接触式协议的系统、方法和计算机程序产品
WO2014011454A2 (fr) 2012-07-09 2014-01-16 Jvl Ventures, Llc Systèmes, procédés et produits programmes d'ordinateur pour intégrer des services tiers avec un portefeuille mobile
US8676709B2 (en) 2012-07-31 2014-03-18 Google Inc. Merchant category codes in a proxy card transaction
CA2890673C (fr) 2012-09-18 2017-10-10 Jvl Ventures, Llc Systemes, procedes et produits programmes d'ordinateur pour interfacer de multiples gestionnaires de service de confiance de fournisseur de service et de multiples elements de securite
GB2506591A (en) 2012-09-28 2014-04-09 Bell Identification Bv Method of providing secure services using a mobile device
JP6037583B2 (ja) 2013-01-25 2016-12-07 グーグル インコーポレイテッド データの再インストールを管理するためのシステム、方法、およびコンピュータプログラム製品
US9646302B2 (en) 2013-03-26 2017-05-09 Google Inc. Systems, methods, and computer program products for managing wallet activation
WO2014160636A1 (fr) 2013-03-26 2014-10-02 Jvl Ventures Llc Systèmes, procédés et produits de programmes informatiques pour la gestion de l'installation de services
WO2014160715A1 (fr) 2013-03-26 2014-10-02 Jvl Ventures, Llc Systèmes, procédés et produits de programme informatique permettant de gérer une commande d'accès
WO2014189748A1 (fr) 2013-05-21 2014-11-27 Jvl Ventures, Llc Systèmes, procédés et produits-programmes informatiques permettant de gérer la désactivation de services
WO2014204832A1 (fr) 2013-06-17 2014-12-24 Jvl Ventures, Llc Systèmes, procédés et produits-programmes d'ordinateur pour le traitement d'une requête concernant un dispositif de communication mobile
WO2015006215A1 (fr) 2013-07-08 2015-01-15 Jvl Ventures, Llc Systèmes, procédés et produits de type programme informatique pour traiter des ensembles d'instructions pour des dispositifs mobiles
US9940446B2 (en) 2013-07-25 2018-04-10 Siemens Healthcare Diagnostics Inc. Anti-piracy protection for software
US9311491B2 (en) 2013-09-30 2016-04-12 Google Inc. Systems, methods, and computer program products for securely managing data on a secure element
WO2015053924A1 (fr) 2013-10-10 2015-04-16 Jvl Ventures, Llc Systèmes, procédés et produits programme d'ordinateur pour mémoriser et gérer des données de programme
US9811825B2 (en) 2013-10-10 2017-11-07 Google Inc. Systems, methods, and computer program products for managing contactless transactions
WO2015094808A1 (fr) 2013-12-19 2015-06-25 Jvl Ventures, Llc Systèmes, procédés et produits-programme d'ordinateur pour obtenir des données de dispositif mobile
US9794353B2 (en) 2013-12-19 2017-10-17 Google Inc. Systems, methods, and computer program products for service processing
US9590986B2 (en) 2015-02-04 2017-03-07 Aerendir Mobile Inc. Local user authentication with neuro and neuro-mechanical fingerprints
US9836896B2 (en) 2015-02-04 2017-12-05 Proprius Technologies S.A.R.L Keyless access control with neuro and neuro-mechanical fingerprints
US9577992B2 (en) * 2015-02-04 2017-02-21 Aerendir Mobile Inc. Data encryption/decryption using neuro and neuro-mechanical fingerprints
DE102015225778A1 (de) * 2015-12-17 2017-06-22 Deutsche Post Ag Vorrichtung und Verfahren für die personalisierte Bereitstellung eines Schlüssels
US10601828B2 (en) 2018-08-21 2020-03-24 HYPR Corp. Out-of-band authentication based on secure channel to trusted execution environment on client device
CN109495522A (zh) * 2019-01-22 2019-03-19 深圳互联先锋科技有限公司 数据加密传输方法及装置
US11275820B2 (en) 2019-03-08 2022-03-15 Master Lock Company Llc Locking device biometric access
US10411894B1 (en) * 2019-05-17 2019-09-10 Cyberark Software Ltd. Authentication based on unique encoded codes
US11588645B1 (en) * 2019-09-06 2023-02-21 University Of South Florida Systems and methods for compromise resilient and compact authentication for digital forensics
US11991400B2 (en) * 2022-07-15 2024-05-21 Bank Of America Corporation Device for executing audio cryptology in real-time for audio misappropriation prevention

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000036566A1 (fr) * 1998-12-14 2000-06-22 Koninklijke Philips Electronics N.V. Moyen d'identification biometrique permettant de maintenir l'integrite des informations biometriques

Family Cites Families (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5585787A (en) 1991-12-09 1996-12-17 Wallerstein; Robert S. Programmable credit card
CH690048A5 (fr) 1995-11-28 2000-03-31 C Sam S A En Formation C O Jue Dispositif de sécurité commandant l'accès à un ordinateur ou à un terminal de réseau.
US5995630A (en) 1996-03-07 1999-11-30 Dew Engineering And Development Limited Biometric input with encryption
US5917913A (en) 1996-12-04 1999-06-29 Wang; Ynjiun Paul Portable electronic authorization devices and methods therefor
US6185685B1 (en) * 1997-12-11 2001-02-06 International Business Machines Corporation Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same
US6845453B2 (en) 1998-02-13 2005-01-18 Tecsec, Inc. Multiple factor-based user identification and authentication
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6848050B1 (en) 1998-04-16 2005-01-25 Citicorp Development Center, Inc. System and method for alternative encryption techniques
US6315195B1 (en) 1998-04-17 2001-11-13 Diebold, Incorporated Transaction apparatus and method
US6219439B1 (en) 1998-07-09 2001-04-17 Paul M. Burger Biometric authentication system
US6330674B1 (en) 1998-09-30 2001-12-11 Compaq Computer Corporation Use of biometrics as a methodology for defining components for ECC encryption
US6901145B1 (en) 1999-04-08 2005-05-31 Lucent Technologies Inc. Generation of repeatable cryptographic key based on varying parameters
US6687375B1 (en) 1999-06-02 2004-02-03 International Business Machines Corporation Generating user-dependent keys and random numbers
ATE307365T1 (de) 1999-07-06 2005-11-15 Swisscom Mobile Ag Verfahren zum prüfen von fahrkarten von benutzern öffentlicher verkehrsmittel
US7340439B2 (en) 1999-09-28 2008-03-04 Chameleon Network Inc. Portable electronic authorization system and method
EP1216460A1 (fr) 1999-09-28 2002-06-26 Chameleon Network Inc. Systeme electronique d'autorisation portatif et procede correspondant
US20050108096A1 (en) 1999-09-28 2005-05-19 Chameleon Network Inc. Portable electronic authorization system and method
US7080037B2 (en) 1999-09-28 2006-07-18 Chameleon Network Inc. Portable electronic authorization system and method
US6705520B1 (en) 1999-11-15 2004-03-16 Satyan G. Pitroda Point of sale adapter for electronic transaction device
IL133771A0 (en) 1999-12-28 2001-04-30 Regev Eyal Closed loop transaction
AU2001230474A1 (en) 2000-01-31 2001-08-14 Trivnet Ltd. Applications of automatic internet identification methods
AU2001243473A1 (en) 2000-03-07 2001-09-17 American Express Travel Related Services Company, Inc. System for facilitating a transaction
US20050127164A1 (en) 2002-03-19 2005-06-16 John Wankmueller Method and system for conducting a transaction using a proximity device and an identifier
US6609654B1 (en) 2000-05-15 2003-08-26 Privasys, Inc. Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions
US6805288B2 (en) 2000-05-15 2004-10-19 Larry Routhenstein Method for generating customer secure card numbers subject to use restrictions by an electronic card
US6871278B1 (en) 2000-07-06 2005-03-22 Lasercard Corporation Secure transactions with passive storage media
US6598031B1 (en) 2000-07-31 2003-07-22 Edi Secure Lllp Apparatus and method for routing encrypted transaction card identifying data through a public telephone network
US8015592B2 (en) 2002-03-28 2011-09-06 Innovation Connection Corporation System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe
US20020096570A1 (en) 2001-01-25 2002-07-25 Wong Jacob Y. Card with a dynamic embossing apparatus
US6990587B2 (en) 2001-04-13 2006-01-24 Symbol Technologies, Inc. Cryptographic architecture for secure, private biometric identification
US6816058B2 (en) 2001-04-26 2004-11-09 Mcgregor Christopher M Bio-metric smart card, bio-metric smart card reader and method of use
US20020186845A1 (en) 2001-06-11 2002-12-12 Santanu Dutta Method and apparatus for remotely disabling and enabling access to secure transaction functions of a mobile terminal
US6836843B2 (en) 2001-06-29 2004-12-28 Hewlett-Packard Development Company, L.P. Access control through secure channel using personal identification system
US7249112B2 (en) 2002-07-09 2007-07-24 American Express Travel Related Services Company, Inc. System and method for assigning a funding source for a radio frequency identification device
DE60236094D1 (de) * 2001-08-13 2010-06-02 Univ R Systeme und Verfahren zur Verschlüsselung auf Identitätsbasis und damit zusammenhängende kryptografische Techniken
US7195154B2 (en) 2001-09-21 2007-03-27 Privasys, Inc. Method for generating customer secure card numbers
US6908030B2 (en) 2001-10-31 2005-06-21 Arcot Systems, Inc. One-time credit card number generator and single round-trip authentication
US6857566B2 (en) 2001-12-06 2005-02-22 Mastercard International Method and system for conducting transactions using a payment card with two technologies
US6845908B2 (en) 2002-03-18 2005-01-25 Hitachi Semiconductor (America) Inc. Storage card with integral file system, access control and cryptographic support
CA2479343A1 (fr) 2002-03-19 2003-10-02 Chameleon Network Inc. Systeme d'autorisation electronique portable et procede associe
GB2390705B (en) 2002-07-11 2004-12-29 Ritech Internat Ltd Portable biodata protected data storage unit
US7334130B2 (en) 2002-07-19 2008-02-19 Bowers Charles R Method and apparatus for managing confidential information
US7590861B2 (en) 2002-08-06 2009-09-15 Privaris, Inc. Methods for secure enrollment and backup of personal identity credentials into electronic devices
US7171564B2 (en) 2002-08-29 2007-01-30 International Business Machines Corporation Universal password generation method
US20040050930A1 (en) 2002-09-17 2004-03-18 Bernard Rowe Smart card with onboard authentication facility
US6886096B2 (en) 2002-11-14 2005-04-26 Voltage Security, Inc. Identity-based encryption system
GB0309182D0 (en) 2003-04-23 2003-05-28 Hewlett Packard Development Co Security method and apparatus using biometric data
US7267266B2 (en) 2003-07-10 2007-09-11 Rouille David W Security system
US7273168B2 (en) 2003-10-10 2007-09-25 Xilidev, Inc. Point-of-sale billing via hand-held devices
US7502928B2 (en) 2004-11-12 2009-03-10 Sony Computer Entertainment Inc. Methods and apparatus for secure data processing and transmission
US8189788B2 (en) 2005-07-15 2012-05-29 Tyfone, Inc. Hybrid symmetric/asymmetric cryptography with user authentication
US8477940B2 (en) 2005-07-15 2013-07-02 Tyfone, Inc. Symmetric cryptography with user authentication

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000036566A1 (fr) * 1998-12-14 2000-06-22 Koninklijke Philips Electronics N.V. Moyen d'identification biometrique permettant de maintenir l'integrite des informations biometriques

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MENEZES, VANSTONE, OORSCHOT: "Handbook of Applied Cryptography" 1997, CC PRESS LLC , USA , XP002442440 page 330 - page 331 page 386 - page 389 page 394 - page 395 page 551 - page 553 *
ULUDAG U ET AL: "Multimedia content protection via biometrics-based encryption" MULTIMEDIA AND EXPO, 2003. PROCEEDINGS. 2003 INTERNATIONAL CONFERENCE ON 6-9 JULY 2003, PISCATAWAY, NJ, USA,IEEE, vol. 3, 6 July 2003 (2003-07-06), pages 237-240, XP010650396 ISBN: 0-7803-7965-9 *

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8477940B2 (en) 2005-07-15 2013-07-02 Tyfone, Inc. Symmetric cryptography with user authentication
US8189788B2 (en) 2005-07-15 2012-05-29 Tyfone, Inc. Hybrid symmetric/asymmetric cryptography with user authentication
US8776189B2 (en) 2007-09-12 2014-07-08 Devicefidelity, Inc. Wirelessly accessing broadband services using intelligent cards
US8430325B2 (en) 2007-09-12 2013-04-30 Devicefidelity, Inc. Executing transactions secured user credentials
US8070057B2 (en) 2007-09-12 2011-12-06 Devicefidelity, Inc. Switching between internal and external antennas
US8190221B2 (en) 2007-09-12 2012-05-29 Devicefidelity, Inc. Wirelessly accessing broadband services using intelligent covers
US7942337B2 (en) 2007-09-12 2011-05-17 Devicefidelity, Inc. Wirelessly executing transactions with different enterprises
US8341083B1 (en) 2007-09-12 2012-12-25 Devicefidelity, Inc. Wirelessly executing financial transactions
US7941197B2 (en) 2007-09-12 2011-05-10 Devicefidelity, Inc. Updating mobile devices with additional elements
US8109444B2 (en) 2007-09-12 2012-02-07 Devicefidelity, Inc. Selectively switching antennas of transaction cards
US8915447B2 (en) 2007-09-12 2014-12-23 Devicefidelity, Inc. Amplifying radio frequency signals
US9384480B2 (en) 2007-09-12 2016-07-05 Devicefidelity, Inc. Wirelessly executing financial transactions
US9311766B2 (en) 2007-09-12 2016-04-12 Devicefidelity, Inc. Wireless communicating radio frequency signals
GB2522445A (en) * 2014-01-24 2015-07-29 Raymond Breen Secure mobile wireless communications platform
US9603015B2 (en) 2014-02-03 2017-03-21 Empire Technology Development Llc Encrypted communication between paired devices
US9979708B2 (en) 2014-02-03 2018-05-22 Empire Technology Development Llc Encrypted communication between paired devices

Also Published As

Publication number Publication date
US20070014408A1 (en) 2007-01-18
WO2007011991A3 (fr) 2007-11-01
US8189788B2 (en) 2012-05-29

Similar Documents

Publication Publication Date Title
US8189788B2 (en) Hybrid symmetric/asymmetric cryptography with user authentication
US8477940B2 (en) Symmetric cryptography with user authentication
US7805615B2 (en) Asymmetric cryptography with user authentication
KR102600545B1 (ko) 모바일 디바이스를 사용한 시스템 액세스
US8462955B2 (en) Key protectors based on online keys
US20080072066A1 (en) Method and apparatus for authenticating applications to secure services
JP7309261B2 (ja) 生体決済機器の認証方法、生体決済機器の認証装置、コンピュータ機器、及びコンピュータプログラム
JP2007174633A (ja) トークンデバイス及びセキュアメモリデバイスのためのバインディング鍵をセキュアに取得するためのコンピュータ実施方法、および、トークンデバイスとセキュアメモリデバイスとをセキュアにバインドするシステム
US9942226B2 (en) NFC package for storing biometric information and electronic device
JP4470373B2 (ja) 認証処理装置及びセキュリティ処理方法
WO2008035413A1 (fr) Processeur d'informations et procédé de gestion d'informations
WO2006000989A1 (fr) Biometrie privee et renouvelable
CN107395589A (zh) 指纹信息获取方法及终端
WO2012050585A1 (fr) Authentification d'une image d'empreinte digitale
TW201223225A (en) Method for personal identity authentication utilizing a personal cryptographic device
JP2024511236A (ja) コンピュータファイルのセキュリティ暗号化方法、復号化方法および読み取り可能な記憶媒体
CN114513302A (zh) 一种数据加解密方法及设备
US20200366488A1 (en) Biometric template handling
CN114866228B (zh) 一种实现软密码模块的方法、系统、存储介质及终端
US20240007466A1 (en) Optimized authentication system
CN113904850B (zh) 基于区块链私钥keystore安全登录方法,电子设备,存储介质
CN115694921A (zh) 一种数据存储方法、设备及介质
WO2022269544A1 (fr) Système de stockage d'actifs sécurisé et dispositif portable
Liu et al. A biometric‐based implicit authentication protocol with privacy protection for ubiquitous communication environments
US11949772B2 (en) Optimized authentication system for a multiuser device

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06787819

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 06787819

Country of ref document: EP

Kind code of ref document: A2

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载